13cafdb00279217a26c68d973e7c796c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13cafdb00279217a26c68d973e7c796c_JaffaCakes118
Size

272KB
MD5

13cafdb00279217a26c68d973e7c796c
SHA1

05b01a537e4ecaab31004094b5e18b190a10cf20
SHA256

d214c4625855a4f03cd59f28209558dcd6736398ba4b60118bf79094a3bbb92c
SHA512

635f8d791ac6aa30d713c2b72a57c9b5e8d4325490cb48fa0dc38584c96ed38eed25568c52b6a45a06c2c7ecf6d624308828f1b6923a57b2c53540b57edbb65a
SSDEEP

6144:/xGFiBgqHDSbntzrnM5+ferOcPmO7vqLJ8zN6:0FoFHDSbnt72y4mOL4J8z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13cafdb00279217a26c68d973e7c796c_JaffaCakes118

Files

13cafdb00279217a26c68d973e7c796c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

537b0cf45dbe77a1ac0a7029cd2d1b9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
GetProcessHeap
GetWindowsDirectoryA
GetDriveTypeA
GetVersion
SetProcessAffinityMask
GlobalReAlloc
FatalAppExitA
GetFileType
GetVersionExA
FormatMessageW
DeleteFiber
SetCommTimeouts
PeekNamedPipe
SetThreadAffinityMask
ExitProcess
FindResourceExW
SetFileAttributesA
FormatMessageA
GetTimeZoneInformation
FreeResource
_lopen
ReadConsoleA
SuspendThread
VirtualAllocEx
GetSystemTimeAdjustment
SetHandleCount
GetDriveTypeW
GetCommandLineA
lstrlenA
VirtualAlloc
GetAtomNameA

user32

SendDlgItemMessageW
WaitMessage
GetKeyNameTextA
SetThreadDesktop
GetDesktopWindow
GetMenuDefaultItem
GetClassInfoA
CharLowerW
LoadIconW
GetSysColor
BroadcastSystemMessageW
ScreenToClient
GetKeyNameTextW
SetWindowsHookExA
SetWindowTextA
BeginPaint
LoadBitmapW
CreateIconIndirect
DefWindowProcA
GetClipboardViewer
DrawStateW
LockWindowUpdate
GetMenuItemRect
EnumWindowStationsW
CheckRadioButton
MapVirtualKeyA
BroadcastSystemMessageA
EndDialog
CreateDialogParamA
MapVirtualKeyW
OemToCharBuffA
MonitorFromPoint
MonitorFromWindow
EqualRect
SetRectEmpty
CreateIcon
SetForegroundWindow
GrayStringW
DrawCaption
GetUpdateRgn
SetWindowLongW
IntersectRect
DialogBoxIndirectParamA
SetUserObjectSecurity
LookupIconIdFromDirectory
SendMessageTimeoutW
WinHelpW
UnhookWindowsHook
GetClipboardSequenceNumber
EnumWindows
SetSysColors
GetKeyboardType
GetMessageA
SwitchDesktop
BeginDeferWindowPos
ModifyMenuW
RedrawWindow
SendMessageA
LoadAcceleratorsA
GetInputState
TranslateAcceleratorA

gdi32

CreateDCW
GetViewportOrgEx
SetTextColor
CreateBitmapIndirect
DeleteEnhMetaFile
CreateCompatibleBitmap
EnumFontFamiliesExW

comdlg32

GetFileTitleA
PageSetupDlgW
ReplaceTextA

advapi32

CryptGetHashParam
RegCreateKeyW
QueryServiceConfigW
RegQueryValueExW
StartServiceCtrlDispatcherA
NotifyChangeEventLog
SetServiceObjectSecurity
FreeSid
OpenServiceA
SetThreadToken
IsValidSecurityDescriptor
OpenSCManagerA
GetSecurityDescriptorOwner

shell32

DragAcceptFiles
Shell_NotifyIconA
FindExecutableA

ole32

OleInitialize
GetClassFile
CoInitializeEx
CoFileTimeNow

oleaut32

SafeArrayCreate
QueryPathOfRegTypeLi
VariantCopy
SysStringLen
SafeArrayRedim

shlwapi

PathFindNextComponentW
StrDupW
StrCatBuffA
PathFindExtensionW
StrChrIW
StrTrimW
StrCpyW
PathRemoveFileSpecA
PathGetCharTypeW
SHSetValueA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

537b0cf45dbe77a1ac0a7029cd2d1b9b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 260KB - Virtual size: 256KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 260KB - Virtual size: 256KB